Skip to main content

Android malware threat rears its head again — and this time it means business

Android malware
Image used with permission by copyright holder
A malware threat first observed in 2012 has evolved and hijacked more than 4 million Android devices to send spam emails, buy event tickets in bulk and crack WordPress accounts. In its new and improved form, the threat is now putting enterprise networks at risk.

Mobile security firm Lookout first discovered NotCompatible in 2012 (variant “A”), when the malware disguised itself as a system update, which if downloaded turned the infected device into an attacker-controlled proxy. “We’ve seen increasingly sophisticated threats emerging – for the first time ever, we witnessed malware writers targeting the mobile Web via compromised or infected websites with the NotCompatible threat,” said Derek Halliday, senior product manager at Lookout, in an interview with Digital Trends back in August 2012.

Since then, Lookout has tracked the NotCompatible threat and is now reporting the emergence of NotCompatible.C, the newest iteration of the malware. What makes NotCompatible.C a bigger threat than the original version is its ability to infiltrate secure enterprise networks by way of infected devices.

“NotCompatible.C is ultimately a botnet-for-rent; though the server architecture, peer-to-peer communications, and encryption make it a much more formidable threat,” according to Lookout. In other words, the new version of NotCompatible makes it more difficult for network security systems to detect and block.

Spam email blasts and compromised websites are the delivery channels for the “drive-by-downloads” that infect devices with NotCompatible.C. The malware relies on the gullibility of Android users – for instance, including a link to an Android application package (APK) in an email about weight loss solutions.

The malware is costly for owners of infected Android phones. Not only does it use data that counts against a user’s carrier plan, it also drains a phone’s battery.

Lookout offers two strategies to protect against NotCompatible.C: use an advanced mobile security platform to detect the threat at device level and segment networks to limit the potential reach of an infected device. Lookout says its mobile app is able to defend Android devices from NotCompatible.C.

To read a more detailed analysis of the NotCompatible.C threat, read Lookout’s report.

Lookout’s report about NotCompatible.C is hardly alone in sounding the warning bell for Android users. According to online security firm F-Secure, 99 percent of mobile malware threats in Q1 2014 were designed to run on Android devices. Meanwhile, Cheetah Mobile, a company that makes mobile apps to clean, protect and optimize phones, recently reported that 9 percent of Android apps are fully or partially malware.

Editors' Recommendations

Jason Hahn
Jason Hahn is a part-time freelance writer based in New Jersey. He earned his master's degree in journalism at Northwestern…
Visible just made its unlimited 5G plan better than ever
Visible wireless phones and plans featured

Digital wireless service provider Visible has announced upgrades to its premium Visible+ phone plan. The highlight is a new Global Pass feature that allows Visible customers to use their phones in 140 countries worldwide.

The Visible Global Pass offers unlimited talk and text services, along with 2GB of high-speed data, for a flat rate of $10 per day. Visible+ members can also enjoy a free Global Pass usage day every month. The activation process can be done through the Visible app.

Read more
The OnePlus Watch 2 is the Wear OS smartwatch I’ve been waiting for
Person wearing OnePlus Watch 2 with a green strap on their left wrist.

The OnePlus Watch 2 -- the company's first Wear OS watch -- has entered a market that Samsung dominates. However, OnePlus' popularity as a smartphone brand can be expected to bring small, yet meaningful changes that benefit not only OnePlus users, but all of the Wear OS segment in general.

For almost a decade, Samsung and Apple have predominantly been the default options if you want a smartwatch that is actually useful and goes beyond flashy features. With Samsung shifting gears and migrating from its own Tizen OS to the (relatively) more universal Wear OS platform and Google releasing its own Pixel Watch after struggling with an identity crisis in the smartwatch world, the platform has much more traction than it did a few years ago. As OnePlus carves its way into the segment, it has the opportunity to entice people who don't wish to live within Samsung's limitations when using a Galaxy Watch with another brand's phone.

Read more
Buying an iPad Mini today? You need to know about this deal
The Apple Pencil attaches to the iPad mini magnetically.

If you've had an eye on iPad deals for the latest model of the Apple iPad Mini for a while now, this may be the offer that you've been waiting for -- a $100 discount from Best Buy on the tablet's Wi-Fi, 64GB model, slashing its price to $400 from $500. It's still pretty popular years after its release, so we don't expect stocks of the device for this sale to last long. If you're thinking about taking advantage of this bargain, you better push through with your purchase as soon as possible to make sure that you don't miss out on the savings.

Why you should buy the Apple iPad Mini 2021
The latest generation of the Apple iPad Mini was released in 2021, but it's still featured in our roundup of the best iPads because it's the model that you should buy if you want a smaller and more compact version of Apple's tablets. Its 8.3-inch Liquid Retina display is smaller than the screens of its peers, but it's still big enough to enjoy watching streaming shows and browsing websites, while allowing you to use the device with one hand. Unlike its predecessor, there's no Home button, so the Touch ID sensor is instead built into the power button at the side of the Apple iPad Mini 2021.

Read more